Skip to main content

Oracle Products Multiple Vulnerabilities

Last Update Date: 30 Oct 2020 Release Date: 21 Oct 2020 5704 Views

RISK: Extremely High Risk

TYPE: Servers - Database Servers

TYPE: Database Servers

Multiple vulnerabilities were identified in Oracle Products, a remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution, disclose sensitive information, data manipulation, cross-site scripting and bypass security restriction on the targeted system.

 

[Updated 30-Oct-2020] Note: One of the vulnerabilities (CVE-2020-14882) is currently being exploited in the wild.


Impact

  • Cross-Site Scripting
  • Denial of Service
  • Remote Code Execution
  • Security Restriction Bypass
  • Information Disclosure
  • Data Manipulation

System / Technologies affected

  • MySQL
  • Java SE
  • Oracle Database Server
  • WebLogic Server

 

For other Oracle products, please refer to the link below:

https://www.oracle.com/security-alerts/cpuoct2020.html


Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

Oracle Critical Patch Update Advisory


Vulnerability Identifier


Source


Related Link